Monitor Device Fleets for Compliance

Written by Zach DeMeyer on August 31, 2020


Regardless of whether you’re in the office or working from home, as an IT administrator, compliance is among your high-level tasks. Although compliance breaks down into several different core requirements, one that’s common among many compliance regulations is the ability to assess and secure end user machines.

Most IT organizations have some infrastructure in place to monitor their device fleets for compliance. But, with a cloud directory service, you can centralize compliance needs in the cloud across all three major desktop operating systems — macOS®, Windows®, and Linux®.

Why Monitor Device Fleets?

The best way an organization can set itself up for compliance success is to have the most visibility possible across all endpoints. By managing each individual device, admins can identify potential vulnerabilities and take action to secure them.

The device is the end user’s gateway to all of their other IT resources. If a bad actor can steal and/or access an end user’s device, then they can most likely access everything else the user is authorized to access.

By ensuring devices are properly configured and secured through monitoring, IT admins can rest assured that they’ve done the requisite work to maintain compliance. Additionally, in the unfortunate scenario where a breach occurs, an incident analysis provides visibility into the causative factors.

Finding a Solution

With all that in mind, let’s look into what options are available for assessing machine fleets for compliance purposes.

RMM

Aptly named, remote monitoring and management (RMM) solutions enable admins to control and configure system-level settings on their device fleets as well as give them insights into how they’re operating with regard to security. A key tool for IT organizations like managed service providers (MSPs), RMMs use agents downloaded onto devices to provide real-time feedback that can be used to build audit trails for compliance. This data can also be further ingested into a SIEM (Security Information and Event Management) solution to analyze and report on.

However, RMMs are point solutions. For organizations with limited budgets, an RMM is another tool that increases costs, which makes it less desirable than a monitoring solution integrated directly into their other .

Proprietary OS Tools

Windows, Mac, and Linux each have integrated monitoring tools. Admins can access Windows Event Viewer, the Mac Console app, or the Linux command line interface to surface the system’s logs and identify threats or potential vulnerabilities.

Unfortunately, while this is certainly a cost-effective solution, it has its drawbacks, namely that an admin must be able to access the machine in order to access its system logs. In this scenario, the admin needs physical access to the machine, or must already have some sort of remote desktop software installed. With employees working from home due to COVID-19, admins generally can’t access physical machines. Like RMMs, remote desktop tools are just another point solution that adds further strain to an organization’s budget. Additionally, this method doesn’t scale well as admins can only check up on one system at a time and at a point in time rather. In larger organizations, manually monitoring each system simply isn’t feasible.

Cloud Directory Service

In order to reduce costs and streamline operations, IT organizations can employ a cloud directory service to manage and access their remote machine fleets for compliance. For instance, the JumpCloud® cloud directory platform enables IT admins to enforce security configuration Policies at scale across Mac, Windows, and Linux systems, and then monitor them using a feature called System Insights™.

What is System Insights?

System Insights uses JumpCloud’s system agent to routinely query data across fleets of Windows, Mac, and Linux devices. Data categories include:

  • System Information and Hardware
  • Operating System
  • Software
  • Networks
  • Users and Groups

You can find a full breakdown of these categories here.

System Insights displays its data in JumpCloud’s Admin Portal, the same location used to remotely manage device settings and control user identities. That way, in the case of an identified vulnerability or post-breach audit, admins can make immediate changes to secure the system based on the insights they received.

How Does System Insights Support Compliance?

For compliance purposes, System Insights tracks key data points including: 

  • Which users have access to a system
  • The status of full disk encryption on hard drives
  • Firewall status
  • Inserted USB devices
  • Active configuration Policies

All of this information is crucial when proving compliance to auditors. Additionally, admins can use System Insights to track a machine’s health, like battery status and uptime, to make sure their end users are able to work effectively — even if they’re remote.

Try System Insights Free

System Insights (and its sister feature Directory Insights™) is available for free with every JumpCloud Free account. Your Free account also includes 10 users and systems at no charge, so by signing up, you can get started right away to see how System Insights and the rest of the JumpCloud platform works. Within your first 10 days, you also have access to 24×7 live chat support to help guide you through implementation.

Want to learn more about JumpCloud? Contact us to set up a demo.
